Following a joint investigation by the Federal Bureau of Investigation and law enforcement agencies in Estonia and the Netherlands, an international gang that stole $14 million after hacking into at least 4 million computers in an online advertising scam has been arrested, the FBI said.
The six accused are Estonian nationals Vladimir Tsastsin, 31; Timur Gerassimenko, 31; Dmitri Jegorov, 33; Valeri Aleksejev, 31; Konstantin Poltev, 28; and Anton Ivanov, 26. The U.S. will now seek to extradite the six, who have been taken into custody.
The FBI's Operation Ghost Click was conducted with the help of police from around the world. The operation led to raids, on Tuesday, on data centers in Chicago and New York, for disabling a botnet command-and-control infrastructure which involved 100 servers. It is reported that the botnet, which began to operate in 2007, had infected at least 500,000 computers in the United States by October 2011. This included systems belonging to U.S. government agencies such as NASA.
The gang signed legitimate contracts with Internet advertising firms that earned them money every time someone clicked on a link for certain advertisements. The indictment accused the gang of using malware to generate those clicks. The gang is also accused of laundering its ill-gotten advertising fees through a variety of shell companies, including Rove Digital in Estonia.
Investigators have also charged the gang with advertising replacement fraud; they are believed to have substituted their own advertisements for legitimate ones, thus earning money every time someone viewed the illegal advertisement. The powerful virus was also capable of replacing advertisements on major websites such as Amazon.com with one of their own making.